Add support for Android SHM

2025-06-08 16:21:32 +00:00 · 2022-08-01 08:10:45 +01:00 · 2022-08-01 08:10:45 +01:00 · 608ea5f8ab
commit 608ea5f8ab
parent 00b5d3792d
2 changed files with 47 additions and 14 deletions
--- a/frida_mode/src/asan/asan.c
+++ b/frida_mode/src/asan/asan.c
@ -8,23 +8,17 @@ static gboolean asan_enabled = FALSE;
 gboolean        asan_initialized = FALSE;
 void asan_config(void) {
  if (getenv("AFL_USE_FASAN") != NULL) { asan_enabled = TRUE; }
 }
 void asan_init(void) {
  FOKF(cBLU "Instrumentation" cRST " - " cGRN "asan:" cYEL " [%c]",
       asan_enabled ? 'X' : ' ');
  if (asan_enabled) {
    asan_arch_init();
    asan_initialized = TRUE;
  }
 }
 static gboolean asan_exclude_module(const GumModuleDetails *details,
@ -36,14 +30,17 @@ static gboolean asan_exclude_module(const GumModuleDetails *details,
  address = gum_module_find_export_by_name(details->name, symbol_name);
  if (address == 0) { return TRUE; }
  /* If the reported address of the symbol is outside of the range of the module
   * then ignore it */
  if (address < details->range->base_address) { return TRUE; }
  if (address > (details->range->base_address + details->range->size)) {
    return TRUE;
  }
  ranges_add_exclude((GumMemoryRange *)details->range);
  return FALSE;
 }
 void asan_exclude_module_by_symbol(gchar *symbol_name) {
  gum_process_enumerate_modules(asan_exclude_module, symbol_name);
 }
--- a/frida_mode/src/shm.c
+++ b/frida_mode/src/shm.c
@ -7,9 +7,48 @@
 #include <sys/ipc.h>
 #include <sys/mman.h>
 #include <sys/shm.h>
 #ifdef __ANDROID__
  #include <linux/ashmem.h>
  #include <sys/ioctl.h>
 #endif
 #ifdef __ANDROID__
  #define ASHMEM_DEVICE "/dev/ashmem"
 void *shm_create(size_t size) {
  int               fd = -1;
  char              ourkey[11] = {0};
  void *            addr = MAP_FAILED;
  struct ashmem_pin pin = {0, size};
  fd = open(ASHMEM_DEVICE, O_RDWR);
  if (fd < 0) { FFATAL("Failed open /dev/ashmem: %d", errno); }
  if (snprintf(ourkey, sizeof(ourkey) - 1, "%d", IPC_PRIVATE) < 0) {
    FFATAL("Failed to generate key: %d", errno);
  }
  if (ioctl(fd, ASHMEM_SET_NAME, ourkey) < 0) {
    FFATAL("ioctl(ASHMEM_SET_NAME) errno: %d\n", errno);
  }
  if (ioctl(fd, ASHMEM_SET_SIZE, size) < 0) {
    FFATAL("ioctl(ASHMEM_SET_SIZE) errno: %d\n", errno);
  }
  addr = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
  if (addr == MAP_FAILED) { FFATAL("mmap failed: %d\n", errno); }
  /* Shared memory pinning has been deprecated. So if the ioctl fails, then
  just assume we are running on a version where it has been. Worst case, we
  will leak the shared memory region.*/
  ioctl(fd, ASHMEM_UNPIN, &pin);
  close(fd);
  return addr;
 }
 #else
 void *shm_create(size_t size) {
  int shm_id =
      shmget(IPC_PRIVATE, size, IPC_CREAT | IPC_EXCL | S_IRUSR | S_IWUSR);
  if (shm_id < 0) { FFATAL("shm_id < 0 - errno: %d\n", errno); }
@ -22,15 +61,12 @@ void *shm_create(size_t size) {
   * dies.
   */
  if (shmctl(shm_id, IPC_RMID, NULL) < 0) {
    FFATAL("shmctl (IPC_RMID) < 0 - errno: %d\n", errno);
  }
  /* Clear it, not sure it's necessary, just seems like good practice */
  memset(addr, '\0', size);
  return addr;
 }
-
+#endif